package com.aiserver.controller;

import com.aiserver.common.Result;
import com.aiserver.entity.User;
import com.aiserver.mapper.UserMapper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpServletRequest;

/**
 * 用户控制器
 * 演示受保护的API接口
 */
@RestController
@RequestMapping("/user")
public class UserController {

    @Autowired
    private UserMapper userMapper;

    /**
     * 获取当前用户信息
     */
    @GetMapping("/profile")
    public Result<User> getProfile(HttpServletRequest request) {
        Long userId = (Long) request.getAttribute("userId");
        User user = userMapper.findById(userId);
        if (user != null) {
            // 不返回密码
            user.setPassword(null);
        }
        return Result.success("获取成功", user);
    }

    /**
     * 更新用户信息
     */
    @PutMapping("/profile")
    public Result<User> updateProfile(
            @RequestParam(required = false) String nickname,
            @RequestParam(required = false) String email,
            @RequestParam(required = false) String avatar,
            HttpServletRequest request) {
        
        Long userId = (Long) request.getAttribute("userId");
        User user = userMapper.findById(userId);
        
        if (user == null) {
            return Result.error("用户不存在");
        }

        // 更新用户信息
        if (nickname != null) {
            user.setNickname(nickname);
        }
        if (email != null) {
            user.setEmail(email);
        }
        if (avatar != null) {
            user.setAvatar(avatar);
        }
        
        user.setUpdateTime(java.time.LocalDateTime.now());
        userMapper.update(user);
        
        // 不返回密码
        user.setPassword(null);
        return Result.success("更新成功", user);
    }

    /**
     * 修改密码
     */
    @PostMapping("/change-password")
    public Result<Void> changePassword(
            @RequestParam String oldPassword,
            @RequestParam String newPassword,
            HttpServletRequest request) {
        
        Long userId = (Long) request.getAttribute("userId");
        User user = userMapper.findById(userId);
        
        if (user == null) {
            return Result.<Void>error("用户不存在");
        }

        // 验证旧密码
        String encryptedOldPassword = com.aiserver.util.EncryptUtil.md5Encrypt(oldPassword);
        if (!encryptedOldPassword.equals(user.getPassword())) {
            return Result.<Void>error("原密码错误");
        }

        // 更新新密码
        String encryptedNewPassword = com.aiserver.util.EncryptUtil.md5Encrypt(newPassword);
        user.setPassword(encryptedNewPassword);
        user.setUpdateTime(java.time.LocalDateTime.now());
        userMapper.update(user);
        
        return Result.<Void>success("密码修改成功", null);
    }

    /**
     * 获取用户列表（管理员功能）
     */
    @GetMapping("/list")
    public Result<String> getUserList(HttpServletRequest request) {
        String username = (String) request.getAttribute("username");
        // 这里可以添加权限检查
        return Result.success("用户列表功能，当前用户: " + username);
    }

    /**
     * 测试加密接口
     */
    @PostMapping("/test-encrypt")
    public Result<String> testEncrypt(@RequestBody String data, HttpServletRequest request) {
        String username = (String) request.getAttribute("username");
        
        // 检查是否有解密数据
        String decryptedData = (String) request.getAttribute("decryptedData");
        if (decryptedData != null) {
            return Result.success("接收到解密数据: " + decryptedData + ", 用户: " + username);
        }
        
        return Result.success("接收到普通数据: " + data + ", 用户: " + username);
    }
}